ado-sfttrainer (>=1.0.1 <=1.8.0), aim-mlflow (>=0.1.0 <=0.2.1) +27 more potentially affected by CVE-2024-6851 via aim (>=3.17.4 <=4.0.3)
aim PYPI version =3.17.4, =1.0.1, =0.1.0, =0.1.0, =0.0.1, =4.46.1, =0.0.1, =0.0.3, =0.0.1, =1.1.5, =0.1.1, =0.22.0, =0.0.1, =0.0.1, =2.0.1, =2.0.7 and more Source cves: CVE-2024-6851 Source advisory: SNYK:PYTHON-AIM-9511132...
api-python-bet-project (>=0.1.9 <=0.1.22), argosml (>=0.0.1 <=0.1.3) +74 more potentially affected by CVE-2024-6838 via mlflow (>=2.0.0rc0 <=2.20.4)
mlflow PYPI version =2.0.0rc0, =0.1.9, =0.0.1, =1.0.4, =0.1.3, =1.2.0, =0.1.0, =0.0.10, =0.8.0, =0.0.10, =0.1.2370984012, =0.0.41, =0.0.97 and more Source cves: CVE-2024-6838 Source advisory: SNYK:PYTHON-MLFLOW-9510934...
agentverse (=0.1.8.1), airoboros (=2.1.1) +35 more potentially affected by CVE-2024-11603 via fschat (>=0.2.2 <=0.2.36)
fschat PYPI version =0.2.2, =0.3.0, =0.0.1, =1.1.0, =0.1.1, =0.1.1, =0.9.0.8, =0.1.1, =0.1.8 and more Source cves: CVE-2024-11603 Source advisory: SNYK:PYTHON-FSCHAT-9553181...
agentverse (=0.1.8.1), airoboros (=2.1.1) +35 more potentially affected by CVE-2024-10907 via fschat (>=0.2.2 <=0.2.36)
fschat PYPI version =0.2.2, =0.3.0, =0.0.1, =1.1.0, =0.1.1, =0.1.1, =0.9.0.8, =0.1.1, =0.1.8 and more Source cves: CVE-2024-10907 Source advisory: SNYK:PYTHON-FSCHAT-9553182...
3d-rcnet (>=0.2.2 <=0.2.3), aa-prepflow (>=0.1.0 <=0.1.1) +1048 more potentially affected by CVE-2024-10569 via gradio (>=4.0.0b15 <=6.9.0)
gradio PYPI version =4.0.0b15, =0.2.2, =0.1.0, =0.2.5, =0.0.3, =0.1.5, =0.8.2.4, =0.2.1, =0.1.0, =0.1.0, =0.1.0, =2.0.0, =0.1.4, =0.1.11 and more Source cves: CVE-2024-10569 Source advisory: SNYK:PYTHON-GRADIO-9487019...
act-workflow (>=4.8.2 <=4.8.399), agent-builder (=0.0.1) +14 more potentially affected by CVE-2024-10940 via langchain-core (>=0.3.0.dev4 <=0.3.14)
langchain-core PYPI version =0.3.0.dev4, =4.8.2, =0.1.6, =0.3.0, =0.1.14rc1, =0.1.8rc1, =0.3.0.dev1, =0.1.0, =4.2.1, =0.1.0, =0.4.16, =0.4.15, =0.5.8 and more Source cves: CVE-2024-10940 Source advisory: SNYK:PYTHON-LANGCHAINCORE-9486546...
acquantum-qiskit (>=0.0.1 <=0.0.3), aer-plugin (>=0.0.1 <=0.0.2) +161 more potentially affected by CVE-2025-2000 via qiskit (>=0.18.3 <=1.4.0)
qiskit PYPI version =0.18.3, =0.0.1, =0.0.1, =0.1.0, =0.1.4, =0.1.4, =0.0.1, =0.6.0, =0.0.0, =2.0.0, =0.0.3, =0.0.2, =0.1.0, =0.1.0.3 and more Source cves: CVE-2025-2000 Source advisory: SNYK:PYTHON-QISKIT-9459043...
Updated python-jinja2 packages fix security vulnerability
Jinja sandbox breakout through attr filter selecting format method. CVE-2025-27516...
abgrouponline (>=1.0.0 <=1.0.4), abismal (>=0.0.6 <=0.0.7) +1607 more potentially affected by CVE-2025-1550 via keras (>=3.0.0 <=3.7.0)
keras PYPI version =3.0.0, =1.0.0, =0.0.6, =0.0.1, =0.0.1, =0.0.3, =0.3.0, =0.0.1, =0.1.0, =0.1.0, =0.0.1, =0.1.0, =0.3.0 - aegis-model =0.1.0 and more Source cves: CVE-2025-1550 Source advisory: OSV:PYSEC-2025-122...
01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +25158 more potentially affected by CVE-2025-2148 via torch (>=1.0.0 <=2.5.1)
torch PYPI version =1.0.0, =1.0.0, =0.1.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.10 and more Source cves: CVE-2025-2148 Source advisory: OSV:PYSEC-2025-189...
Linux Distros Unpatched Vulnerability : CVE-2022-40897
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageInd...
Linux Distros Unpatched Vulnerability : CVE-2022-48560
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free exists in Python through 3.9 via heappushpop in heapq. CVE-2022-48560 Note that Nessus relies on the presence of the package as reported by the...
Linux Distros Unpatched Vulnerability : CVE-2013-7040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the abili...
Linux Distros Unpatched Vulnerability : CVE-2019-9947
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a ur...
Linux Distros Unpatched Vulnerability : CVE-2019-9740
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a ur...
PYSEC-2025-18
picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craft a malicious model that uses Pickle to pull in a malicious PyPI package hosted, for example, on pypi.org or GitHub via pip.main. Because pip is not a restricted global, the model, when scanned with picklesca...
Malicious code in acloud-clients (PyPI)
Source: kam193 89813876cca364b0dffda624005d527aa3c9f54ea7ce20af8186faf8f374ba6f This campaign is built from two parts: 1. packages named like time-check-server, snapshot-photo contain innocent-looking code that sends "date" to a remote...
MAL-2025-191905 Malicious code in time-service-checker (PyPI)
Source: kam193 92ae5fc73fd7cc45d02ba02f6c3b667d155f681ba74262d66421edee5f19d237 This campaign is built from two parts: 1. packages named like time-check-server, snapshot-photo contain innocent-looking code that sends "date" to a remote...
MAL-2025-191904 Malicious code in time-server-test (PyPI)
Source: kam193 8a160dff2a937ad50482cc2b8c8bcd1b7e7c37aefb584bd26515edfecdd4052f This campaign is built from two parts: 1. packages named like time-check-server, snapshot-photo contain innocent-looking code that sends "date" to a remote...
GHSA-QXG5-MCMP-M3M9 vulnerabilities
Vulnerabilities for packages: python...